FreeBSD Bugzilla – Attachment 209141 Details for
Bug 241960
ASLR impacted ports
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
base ntpd circumvention patch
ntpd-aslr.diff (text/plain), 1.80 KB, created by
Cy Schubert
on 2019-11-14 02:47:35 UTC
(
hide
)
Description:
base ntpd circumvention patch
Filename:
MIME Type:
Creator:
Cy Schubert
Created:
2019-11-14 02:47:35 UTC
Size:
1.80 KB
patch
obsolete
>diff --git a/contrib/ntp/ntpd/ntpd.c b/contrib/ntp/ntpd/ntpd.c >index bcfca27a535..284d1300ed9 100644 >--- a/contrib/ntp/ntpd/ntpd.c >+++ b/contrib/ntp/ntpd/ntpd.c >@@ -138,6 +138,13 @@ > # include <seccomp.h> > #endif /* LIBSECCOMP and KERN_SECCOMP */ > >+#ifdef __FreeBSD_cc_version >+#include <sys/types.h> >+#include <sys/sysctl.h> >+#include <sys/procctl.h> >+extern char **environ; >+#endif >+ > #ifdef HAVE_DNSREGISTRATION > # include <dns_sd.h> > DNSServiceRef mdns; >@@ -402,6 +409,49 @@ main( > char *argv[] > ) > { >+#ifdef __FreeBSD_cc_version >+#ifdef _LP64 >+#define ASLR_ENABLE "kern.elf64.aslr.enable" >+#define ASLR_STACK_GAP "kern.elf64.aslr.stack_gap" >+#else >+#define ASLR_ENABLE "kern.elf32.aslr.enable" >+#define ASLR_STACK_GAP "kern.elf32.aslr.stack_gap" >+#endif >+ { >+ int aslr, stack_gap, aslr_var; >+ size_t aslr_len = sizeof(aslr); >+ size_t stack_gap_len = sizeof(stack_gap); >+ >+ pid_t my_pid = getpid(); >+ >+ if (sysctlbyname(ASLR_ENABLE, &aslr, &aslr_len, NULL, 0) != 0) { >+ msyslog(LOG_ERR,"sysctlbyname aslr failed"); >+ exit(255); >+ } >+ if (sysctlbyname(ASLR_STACK_GAP, &stack_gap, &stack_gap_len, NULL, 0) != 0) { >+ msyslog(LOG_ERR,"sysctlbyname stack gap failed"); >+ exit(254); >+ } >+ if (procctl(P_PID, my_pid, PROC_ASLR_STATUS, &aslr_var) != 0) { >+ msyslog(LOG_ERR,"procctl get aslr status failed"); >+ exit(253); >+ } >+ >+ if ((aslr != 0 && stack_gap != 0 && >+ !(aslr_var & PROC_ASLR_FORCE_DISABLE)) || >+ (aslr_var & PROC_ASLR_FORCE_ENABLE)) { >+ aslr_var = PROC_ASLR_FORCE_DISABLE; >+ if (procctl(P_PID, my_pid, PROC_ASLR_CTL, &aslr_var) != 0) { >+ msyslog(LOG_ERR,"procctl set aslr mode failed"); >+ exit(252); >+ } >+ if (execve(argv[0], argv, environ) != 0) { >+ msyslog(LOG_ERR,"ntpd reload failed"); >+ exit(251); >+ } >+ } >+ } >+#endif > return ntpdmain(argc, argv); > } > #endif /* !SYS_WINNT */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=209141">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 241960
: 209141